Unusual activity
Simon Matthews
simon at paxonet.com
Thu May 23 02:24:38 UTC 2002
In scanning my logfiles for keywords, I came across some unusual activity.
Now this may just be a coincidence, but since I have nver seen this
before, it does look strange. Is someone trying a DDOS attack on my
server, or is it to do with an old vunerability ("infoleak")?
What is interesting is how these are so closely grouped in time and the
fact that I have never seen them before (and I configured BIND not to
allow recursion from external sites some months back).
Also, who needs to look up "."?
Anyone care to comment?
May 22 10:42:04 bastion.coreel.com named[2791]: denied recursion for query
from [63.236.62.70].33069 for .
May 22 10:42:05 bastion.coreel.com named[2791]: denied recursion for query
from [130.94.90.52].33052 for .
May 22 10:42:05 bastion.coreel.com named[2791]: denied recursion for query
from [66.150.15.72].33084 for .
May 22 10:42:05 bastion.coreel.com named[2791]: denied recursion for query
from [63.150.152.73].33023 for . May 22 10:42:05 bastion.coreel.com
named[2791]: denied recursion for query from [128.241.247.53].33002 for .
May 22 10:42:05 bastion.coreel.com named[2791]: denied recursion for query
from [61.213.186.231].33022 for .
May 22 10:42:05 bastion.coreel.com named[2791]: denied recursion for query
from [62.41.152.88].33035 for .
May 22 10:42:06 bastion.coreel.com named[2791]: denied recursion for query
from [63.236.62.70].33069 for .
May 22 10:42:06 bastion.coreel.com named[2791]: denied recursion for query
from [130.94.90.52].33052 for .
May 22 10:42:06 bastion.coreel.com named[2791]: denied recursion for query
from [66.150.15.72].33084 for .
May 22 10:42:07 bastion.coreel.com named[2791]: denied recursion for query
from [63.150.152.73].33023 for . May 22 10:42:07 bastion.coreel.com
named[2791]: denied recursion for query from [128.241.247.53].33002 for .
May 22 10:42:07 bastion.coreel.com named[2791]: denied recursion for query
from [61.213.186.231].33022 for .
May 22 10:42:07 bastion.coreel.com named[2791]: denied recursion for query
from [62.41.152.88].33035 for .
May 22 10:47:06 bastion.coreel.com named[2791]: denied recursion for query
from [63.150.152.73].33023 for . May 22 10:47:06 bastion.coreel.com
named[2791]: denied recursion for query from [66.150.15.72].33084 for .
May 22 10:47:06 bastion.coreel.com named[2791]: denied recursion for query
from [61.213.186.231].33022 for .
May 22 10:47:06 bastion.coreel.com named[2791]: denied recursion for query
from [130.94.90.52].33052 for .
May 22 10:47:06 bastion.coreel.com named[2791]: denied recursion for query
from [63.236.62.70].33069 for .
May 22 10:47:06 bastion.coreel.com named[2791]: denied recursion for query
from [62.41.152.88].33035 for .
May 22 10:47:06 bastion.coreel.com named[2791]: denied recursion for query
from [128.241.247.53].33002 for .
May 22 10:47:07 bastion.coreel.com named[2791]: denied recursion for query
from [63.150.152.73].33023 for . May 22 10:47:07 bastion.coreel.com
named[2791]: denied recursion for query from [66.150.15.72].33084 for .
May 22 10:47:07 bastion.coreel.com named[2791]: denied recursion for query
from [130.94.90.52].33052 for .
May 22 10:47:07 bastion.coreel.com named[2791]: denied recursion for query
from [61.213.186.231].33022 for .
May 22 10:47:07 bastion.coreel.com named[2791]: denied recursion for query
from [63.236.62.70].33069 for .
May 22 10:47:07 bastion.coreel.com named[2791]: denied recursion for query
from [62.41.152.88].33035 for .
May 22 10:47:08 bastion.coreel.com named[2791]: denied recursion for query
from [128.241.247.53].33002 for .
More information about the bind-users
mailing list